Now On Vision

Privacy Policy

Effective Date: 2025-10-24
Last Updated: 2025-10-24

This Privacy Policy explains how TAB TO TAP (“we,” “our,” or “the Service Provider”) collects, uses, and protects your information when you use our applications and related services (collectively, the “Application”).

TAB TO TAP is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data-protection laws.

1. Data We Collect

When you use the Application, we collect and process only the data necessary to provide our features securely and effectively.
This includes information stored and managed within our Supabase backend (hosted on secure, GDPR-compliant infrastructure).

Account and Authentication Data

  • Unique user identifier (UUID) and authentication credentials provided through Sign in with Apple

  • Email address (if shared by Apple)

  • Account creation and last sign-in timestamps

Profile Information

  • Optional public profile fields such as username, avatar image, first and last name, short bio, website link, country code, and timezone

  • Visibility preferences (e.g., whether your profile is discoverable on leaderboards or friend lists)

Usage and Activity Data

  • Connection and activity logs used to compute streaks, active days, and leaderboard rankings

  • Votes, favorites, and app submissions made within the community

  • Friend connections and pending requests

  • Presence indicators (e.g., “last seen” timestamp)

Application Data and Media

  • Metadata for apps you submit, such as title, description, icon, and link (App Store or TestFlight URLs)

  • Media you upload (e.g., icons, thumbnails, or other files) stored securely in Supabase Storage

  • Device model (for compatibility and analytics purposes only)

Technical and Security Data

  • Anonymous session data (timestamps, request identifiers, and IP logs retained by Supabase for fraud prevention)

  • No operating system version, geolocation, or sensitive personal data (such as biometrics, financial, or health data) is collected.

2. How We Use Your Data

We process your data to:

  • Create and manage your user account

  • Provide and improve our services

  • Display your username, streak, votes, and submissions in public leaderboards

  • Send relevant notifications or updates (if enabled)

  • Ensure platform security and prevent misuse

  • Respond to support requests and technical issues

3. Legal Basis for Processing

Under GDPR, we process personal data based on:

  • Contract performance – to provide the requested services

  • Consent – for optional features like notifications or app submissions

  • Legitimate interest – to improve functionality and community engagement

  • Legal obligation – where required by law

You can withdraw your consent at any time without affecting the lawfulness of processing before withdrawal.

4. Data Storage, Retention, and Deletion

All account, usage, and leaderboard data are securely stored in Supabase, a GDPR-compliant cloud service provider.

We retain your data only as long as necessary for the purposes described above or as required by law.

When you delete your account, all associated data (including usage history, votes, and streak records) are permanently and irreversibly erased from our systems within 30 days.

5. Data Sharing and Transfers

We do not sell or rent your data.
Your data may be shared only with:

  • Supabase Inc. (our data processor) – for secure cloud hosting and storage

  • Apple Inc. – via Sign in with Apple authentication

  • Legal authorities – if required by law or to protect user safety

Supabase may process data on servers located in the European Union or the United States, following GDPR Standard Contractual Clauses (SCCs) for lawful data transfers.

6. Your Rights Under GDPR

You have the right to:

  • Access the personal data we hold about you

  • Correct inaccurate or incomplete data

  • Request deletion of your data (“right to be forgotten”)

  • Restrict or object to processing

  • Request data portability

To exercise your rights, contact tom@tabtotap.com.
We respond to verified requests within 30 days.

7. Public Leaderboards and Community Features

If you participate in leaderboards or vote for apps, your public username, streak count, and votes may be visible to other users.
Do not include personal details in public submissions or usernames.
You may opt out of public visibility at any time via your account settings.

8. Notifications

You may receive optional notifications related to updates, streak milestones, or community activity.
You can manage or disable notifications at any time from your device or in-app settings.

9. Children’s Privacy

Our Application is not intended for children under 13.
In jurisdictions requiring higher consent ages (e.g., 16 under GDPR), we do not process personal data without verified parental consent.

10. Security

We use industry-standard technical and organizational measures to protect your data from unauthorized access, alteration, or loss.
These include encrypted connections (TLS), anonymized logs, and restricted access within Supabase.

11. Changes to This Policy

We may update this Privacy Policy periodically.
Any updates will be posted in the Application or on our website, with the revised date shown at the top.
Material changes will be communicated directly to users.

12. Contact Us

For any privacy inquiries, GDPR requests, or security concerns:

TAB TO TAP
Email: tom@tabtotap.com